All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to content@vulners.com Vulners, 2017

{"result": {"cve": [{"id": "CVE-2002-1192", "type": "cve", "title": "CVE-2002-1192", "description": "Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain \"games\" group privileges via malformed entries in a game save file.", "published": "2002-10-28T00:00:00", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1192", "cvelist": ["CVE-2002-1192"], "lastseen": "2017-07-11T11:14:10"}], "osvdb": [{"id": "OSVDB:6098", "type": "osvdb", "title": "Multiple BSD Rogue Game Multiple Overflows", "description": "## Vulnerability Description\nA local overflow exists in Rogue, a game found on FreeBSD and NetBSD. The game fails to check bounds when reading the saved game file, resulting in a buffer overflow. With a specially crafted request, an attacker can obtain group \"games\" resulting in a loss of integrity.\n## Solution Description\nUpgrade to NetBSD version 1.6 after the correction date or higher, as it has been reported to fix this vulnerability. In addition, NetBSD has released a patch for some older versions. It is also possible to correct the flaw by implementing the following workaround: chmod g-s /usr/games/rogue\n\nCurrently, there are no known upgrades or patches available to correct this issue on FreeBSD. It is possible to correct the flaw by implementing the aforementioned NetBSD workaround on FreeBSD.\n## Short Description\nA local overflow exists in Rogue, a game found on FreeBSD and NetBSD. The game fails to check bounds when reading the saved game file, resulting in a buffer overflow. With a specially crafted request, an attacker can obtain group \"games\" resulting in a loss of integrity.\n## References:\nVendor Specific Solution URL: ftp://ftp.netbsd.org/pub/NetBSD/security/patches/SA2002-021-rogue.patch\n[Vendor Specific Advisory URL](ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-021.txt.asc)\n[Secunia Advisory ID:7181](https://secuniaresearch.flexerasoftware.com/advisories/7181/)\n[Secunia Advisory ID:7252](https://secuniaresearch.flexerasoftware.com/advisories/7252/)\nOther Advisory URL: http://lists.netsys.com/pipermail/full-disclosure/2002-October/002407.html\nMail List Post: http://seclists.org/lists/bugtraq/2002/Sep/0312.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-09/0350.html\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=103342413220529&w=2\nISS X-Force ID: 10261\nGeneric Exploit URL: http://www.securityfocus.com/data/vulnerabilities/exploits/instant-rogue-exp.sh\nGeneric Exploit URL: http://archives.neohapsis.com/archives/bugtraq/2002-09/att-0350/01-instant-rogue-exp.sh\n[CVE-2002-1192](https://vulners.com/cve/CVE-2002-1192)\nBugtraq ID: 5837\n", "published": "2002-09-28T00:00:00", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:6098", "cvelist": ["CVE-2002-1192"], "lastseen": "2017-04-28T13:20:00"}]}}